package com.cimr.comm.token;

import com.cimr.comm.po.User;
import com.cimr.comm.service.PermissionService;
import com.cimr.comm.service.RoleService;
import com.cimr.comm.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;

import javax.annotation.Resource;
import java.util.Set;

/**
 * @author liqi on 2017-08-26.
 */
public class MyRealm extends AuthorizingRealm {

    // 验证当前登录的用户，获取认证信息
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UserToken userToken = (UserToken)token;
        User user = userService.login(userToken.getUsername(), userToken.getPswd());
        if(user != null) {
            if (User._0==user.getStatus()) {
                throw new DisabledAccountException("帐号已经禁止登录！");
            }
            return new SimpleAuthenticationInfo(user,user.getPswd(), getName());
//            AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user, user.getPswd(), getName());
//            return authcInfo;
        } else {
            throw new AccountException("帐号或密码不正确！");
//            return null;
        }
    }

    // 为当前登陆成功的用户授予权限和角色，已经登陆成功了
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String userId = TokenUtil.getUserId();
//        String username = (String) principals.getPrimaryPrincipal(); //获取用户名
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        authorizationInfo.setRoles(userService.getRoles(username));
//        authorizationInfo.setStringPermissions(userService.getPermissions(username));
        Set<String> roles = roleService.findRoleByUserId(userId);
        Set<String> permissions = permissionService.findPermissionByUserId(userId);
        authorizationInfo.setRoles(roles);
        authorizationInfo.setStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * 清空当前用户权限信息
     */
    public  void clearCachedAuthorizationInfo() {
        PrincipalCollection principalCollection = SecurityUtils.getSubject().getPrincipals();
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principalCollection, getName());
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * 指定principalCollection 清除
     */
    public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principalCollection, getName());
        super.clearCachedAuthorizationInfo(principals);
    }

    @Resource
    private UserService userService;
    @Resource
    private RoleService roleService;
    @Resource
    private PermissionService permissionService;

}
